Senior Product Security Engineer
Senior Product Security Engineer
Toast is driven by building the restaurant platform that helps restaurants adapt, take control, and get back to what they do best: building the businesses they love.
Product Security at Toast isn't just about running tools and reporting vulnerabilities – we're the vigilant chefs ensuring the Toast never gets burned. We bake security into every layer of our products, from the first sprinkle of an idea to the final serving of a fully-baked solution. Our team is the secret ingredient that makes Toast's digital recipe both delicious and secure. We collaborate closely with R&D, seasoning the development process with robust security measures that protect the services and applications our customers rely on to run their businesses.
Like master chefs, we blend cutting-edge technology with strategic thinking, kneading security into the dough of every product we create. By joining our Product Security team, you'll be part of the kitchen crew that keeps our customers' trust from going stale. You'll tackle complex challenges that have real-world impact, helping to serve up a safer, more secure digital experience for businesses that count on Toast every day. It's not just about finding vulnerabilities – it's about crafting a recipe for digital trust that keeps our customers coming back for more.
About this roll* (Responsibilities)
- Identify, triage, and provide remediation guidance for application vulnerabilities.
- Select, implement, design, or build tools to thwart attacks of all shapes and sizes.
- Improve developer tooling and adoption to build a more robust SSDLC.
- Practice a #OneTeam attitude to help other Toast teams make informed, security-conscious. decisions when building new software.
- Support and expand the Security Champions program, providing edge security guidance and training.
- Assist incident response teams with application security expertise and tools.
- Think like an attacker to identify weaknesses in application architecture.
In addition:
- Support Cloud and Network Infrastructure Engineering's implementation of edge security solutions.
- Influence the implementation and rule maintenance of our WAF strategy and other edge security solutions.
- Advise on WAF rules and policies to protect against common and emerging threats.
- Conduct regular assessments of our edge security posture and recommend improvements.
- Provide expertise on Content Delivery Networks (CDNs) and their security features.
Do you have the right ingredients*? (Requirements)
- 5+ years of experience in application security
- Strong knowledge of common web application vulnerabilities and edge-based attack vectors.
- Proficiency in analyzing web traffic patterns and identifying anomalies.
- Knowledge of compliance standards relevant to the financial industry (e.g., PCI DSS, SOC 2).
- Excellent problem-solving skills and ability to think creatively about edge security challenges.
- Strong communication skills, with the ability to explain complex edge security concepts to both technical and non-technical audiences.
- Strong understanding of cloud application architecture and common weaknesses.
Special Sauce* (Nonessential Skills/Nice to Haves)
Experience with:
- Understanding of WAF configuration, tuning, and optimization.
- Popular WAF solutions (e.g., AWS WAF, Cloudflare, Akamai, ModSecurity).
- Familiarity with CDN technologies and their security features.
- Cloud and container security technologies and SSDLC tooling (e.g. SAST/DAST/SCA)
- Infrastructure-as-code (IaC) technologies like Terraform to manage cloud security services
- Securing financial technologies
Relevant security certifications (e.g., CCSP, CISSP, CSSLP) are a plus
Diversity, Equity, and Inclusion is Baked into our Recipe for Success
At Toast, our employees are our secret ingredient—when they thrive, we thrive. The restaurant industry is one of the most diverse, and we embrace that diversity with authenticity, inclusivity, respect, and humility. By embedding these principles into our culture and design, we create equitable opportunities for all and raise the bar in delivering exceptional experiences.
We Thrive Together
We embrace a hybrid work model that fosters in-person collaboration while valuing individual needs. Our goal is to build a strong culture of connection as we work together to empower the restaurant community. To learn more about how we work globally and regionally, check out: https://careers.toasttab.com/locations-toast.
Apply today!
Toast is committed to creating an accessible and inclusive hiring process. As part of this commitment, we strive to provide reasonable accommodations for persons with disabilities to enable them to access the hiring process. If you need an accommodation to access the job application or interview process, please contact candidateaccommodations@toasttab.com.
Average salary estimate
If an employer mentions a salary or salary range on their job, we display it as an "Employer Estimate". If a job has no salary data, Rise displays an estimate if available.
Are you looking to make a significant impact on digital security? Join Toast as a Senior Product Security Engineer and be a vital part of our mission to support restaurants in adapting and thriving. At Toast, we believe in building security into our products from the ground up. You won't just be identifying vulnerabilities; you'll be an integral part of our team that ensures our digital solutions remain trustworthy and secure. You'll collaborate closely with our R&D teams, employing advanced security measures that protect the services our customers rely on. As a Senior Product Security Engineer, your role will involve identifying and triaging application vulnerabilities while also selecting and implementing tools to prevent diverse attacks. You’ll help enhance developer tools and processes to create a more robust secure software development lifecycle (SSDLC). Your insights will be invaluable in guiding teams toward making informed security-conscious decisions. Additionally, you’ll assist with incident response and contribute to our edge security strategies, collaborating with our Cloud and Network Infrastructure team. If you have a strong background in application security and a passion for creating secure digital experiences, Toast is the perfect place for you to grow your skills and help nurture the restaurant industry's future. Apply now, and let's craft a recipe for success together!
Join Toast as a Software Engineer II to develop and support enterprise-level features for their dynamic hospitality software platform.
Toast is looking for a Staff Data Scientist to build impactful data-driven models and insights for their restaurant platform.
As a Senior Product Owner at LDMS, you'll leverage your expertise in the financial sector to shape innovative digital lending solutions.
As a Senior Product Manager at Reuters, you'll lead the growth of specialized digital media content for industry professionals worldwide.
As the Strategic Bids & Contracts Manager at Meteor, you'll lead bid proposals and manage contract performance to align with organizational goals.
Join doinstruct as a Founders Associate to the CTO and play a vital role in optimizing technical operations and scaling products in a high-growth startup.
Join Apple as a Product Manager to drive the vision for an innovative content planning platform that transforms global content operations.
GEICO is looking for an experienced Product Manager to drive innovative solutions in fraud and risk management within the insurance sector.
DWS Group is looking for a skilled Product Specialist/ Product Analyst to enhance their Asian credit business and contribute to product development.
Become a key player at Visa as a Solutions Manager focusing on innovative payment solutions for diverse clients.
Restaurant
266 jobs
Subscribe to Rise newsletter
🔮
Hi, I'm Risa! Your AI Career Copilot
you, just ask me below!
Sign up for our weekly
newsletter of fresh jobs
